A Tumultuous Week for Federal Cybersecurity Efforts Krebs on SecurityBrianKrebs
January 27, 2025

President Trump last week issued a flurry of executive orders that upended a number of government initiatives focused on improving the nation's cybersecurity posture. The president fired all advisors from …


GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs The Hacker [email protected] (The Hacker News)
January 27, 2025

Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access to a user's …


⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January] The Hacker [email protected] (The Hacker News)
January 27, 2025

Welcome to your weekly cybersecurity scoop! Ever thought about how the same AI meant to protect our hospitals could also compromise them? This week, we’re breaking down the sophisticated world …


Do We Really Need The OWASP NHI Top 10? The Hacker [email protected] (The Hacker News)
January 27, 2025

The Open Web Application Security Project has recently introduced a new Top 10 project - the Non-Human Identity (NHI) Top 10. For years, OWASP has provided security professionals and developers …


GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities The Hacker [email protected] (The Hacker News)
January 27, 2025

A previously unknown threat actor has been observed copying the tradecraft associated with the Kremlin-aligned Gamaredon hacking group in its cyber attacks targeting Russian-speaking entities. The campaign has been attributed to …


MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks The Hacker [email protected] (The Hacker News)
January 27, 2025

Threat hunters have detailed an ongoing campaign that leverages a malware loader called MintsLoader to distribute secondary payloads such as the StealC information stealer and a legitimate open-source network computing …


Meta’s Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks The Hacker [email protected] (The Hacker News)
January 26, 2025

A high-severity security flaw has been disclosed in Meta's Llama large language model (LLM) framework that, if successfully exploited, could allow an attacker to execute arbitrary code on the llama-stack …


RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations The Hacker [email protected] (The Hacker News)
January 24, 2025

A group of academics has disclosed details of over 100 security vulnerabilities impacting LTE and 5G implementations that could be exploited by an attacker to disrupt access to service and …


2025 State of SaaS Backup and Recovery Report The Hacker [email protected] (The Hacker News)
January 24, 2025

The modern workplace has undergone a seismic transformation over recent years, with hybrid work becoming the norm and businesses rapidly adopting cloud-based Software-as-a-Service (SaaS) applications to facilitate it. SaaS applications …


DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations The Hacker [email protected] (The Hacker News)
January 24, 2025

The U.S. Department of Justice (DoJ) on Thursday indicted two North Korean nationals, a Mexican national, and two of its own citizens for their alleged involvement in the ongoing fraudulent …